// If we are doing quicksearch by a field other than name, make sure that field is added to results
if (!empty($params['field_name'])) {
$field_name = CRM_Utils_String::munge($params['field_name']);
+ // there is no good reason to request api_key via getquick
+ if ($field_name == 'api_key') {
+ throw new API_Exception('Illegal value "api_key" for parameter "field_name"');
+ }
// Unique name contact_id = id
if ($field_name == 'contact_id') {
$field_name = 'id';
$this->assertEquals('C Bobby, Bobby :: Whanganui', $result['values'][1]['data']);
}
+ /**
+ * Test that getquick doesn't work with field_name=api_key
+ *
+ * @throws \CRM_Core_Exception
+ */
+ public function testGetQuickApiKey() {
+ $this->callAPISuccess('Contact', 'create', [
+ 'contact_type' => 'Individual',
+ 'email' => 'apiuser@example.com',
+ 'api_key' => 'hunter2',
+ ]);
+ $result = $this->callAPIFailure('Contact', 'getquick', [
+ 'name' => '%',
+ 'field_name' => 'api_key',
+ ], 'Illegal value "api_key" for parameter "field_name"');
+ }
+
/**
* Set up some sample data for testing quicksearch.
*/
projects / civicrm-core.git / commitdiff